VIR Vulnerability Intelligence Relay

Package impact

python PyPI / radicale

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2016-1505 critical 10.0 10.0 11y ago Radicale is vulnerable to directory traversal on Windows Filesystem Storage Backend component debianpython
CVE-2015-8747 critical 10.0 10.0 11y ago The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name. debianpython
CVE-2017-8342 high 8.1 8.1 9y ago Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method. debianpython
CVE-2015-8748 medium 5.3 5.3 4y ago Radicale before 1.1 allows remote authenticated users to bypass owner_write and owner_only limitations via regex metacharacters in the user name, as demonstrated by ".*". debianpython